<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
if (eregi(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || eregi(".inc.php",$_SERVER['PHP_SELF'])) {
	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
	exit;
}



// get the link listings
$sql = sprintf("SELECT * FROM affiliSt_linkcategories ORDER BY name ASC",
					   quote_smart($linkCategory));
$getCatNames = mysql_query($sql, $databaseConnect) or die(mysql_error());
$catNames = mysql_fetch_assoc($getCatNames);


// get my link details
$getMyLinkTitle = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'adLinkTitle'");
$myLinkTitle = mysql_fetch_assoc($getMyLinkTitle);
$getMyLinkURL = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'adLinkURL'");
$myLinkURL = mysql_fetch_assoc($getMyLinkURL);
$getMyLinkDesc = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'adLinkDescription'");
$myLinkDesc = mysql_fetch_assoc($getMyLinkDesc);

$box_content = new XTemplate ("skins/".$configSkin['value']."/styleTemplates/addlink.tpl");

if ($_GET['add'] == 1) {

	
	if ($catNames['id'] != NULL) {
		do {
			$box_content->assign("OPTION", '<option value="'.$catNames['id'].'">'.$catNames['name'].'</option>');
			//$box_content->assign("OPTIONVALUE", $catNames['id']);
			$box_content->parse("addlink.options");
		
		}  while ($catNames = mysql_fetch_assoc($getCatNames));
	}
	
	
	$box_content->assign("MYWEBLINK", $myLinkURL['value']);
	$box_content->assign("MYWEBTITLE", $myLinkTitle['value']);
	$box_content->assign("MYWEBDESC", $myLinkDesc['value']);

	$box_content->parse("addlink");
	$box_content = $box_content->text("addlink");


} else if ($_GET['add'] == 2) {


	
	session_start();
	
	
	// check to see if details have been completed
	if (empty($_POST['ld_fullName']) || empty($_POST['ld_email']) || empty($_POST['ld_websiteURL']) || empty($_POST['ld_websiteTitle']) || empty($_POST['ld_websiteDescription']) || empty($_POST['ld_reciprocalLink']) || ($_SESSION['security_code'] != $_POST['security_code']) || empty($_SESSION['security_code'])) {
	$box_content->assign("DATA", '<fieldset><strong style="color:red">ERROR: Fields must not be empty</strong></fieldset>');
	
	
	
	// add details to db
	} else {
	
	
	// check for recip link
	$findlink = @ implode('', file($_POST['ld_reciprocalLink']));
	if ($findlink) {
	
	$getBacklink = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'adLinkURL'");
	$userBacklink = mysql_fetch_assoc($getBacklink);
	$sitelink = $userBacklink['value'];
	
			if (eregi("$sitelink", $findlink)) {
			$recipConfirm = 1;
			} else {
			$recipConfirm = 0;
			}
		
	} else {
	$recipConfirm = 0;
	}
	
	
	
	$timeNow = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
	$timeNextMonth =  mktime(0, 0, 0, date("m")+1, date("d"), date("Y"));
	
	$sql = sprintf("INSERT INTO affiliSt_links (name, email, url, title, description, category, reciprocal, confirmed, approved, added, nextcheck, nocheck) values (%s, %s, %s, %s, %s, %s, %s, %s, %s, %d, %d, %s)",
			   quote_smart($_POST['ld_fullName']),
			   quote_smart($_POST['ld_email']),
			   quote_smart($_POST['ld_websiteURL']),
			   quote_smart($_POST['ld_websiteTitle']),
			   quote_smart($_POST['ld_websiteDescription']),
			   quote_smart($_POST['ld_category']),
			   quote_smart($_POST['ld_reciprocalLink']),
			   quote_smart($recipConfirm),
			   '0',
			   quote_smart($timeNow),
			   quote_smart($timeNextMonth),
			   '0');
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	
	
	
	
	// get config details
	$getMyEmail = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'adEmail'");
	$myEmail = mysql_fetch_assoc($getMyEmail);
	$getEmailThanks = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'emailThanks'");
	$emailThanks = mysql_fetch_assoc($getEmailThanks);
	$getEmailNew = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'emailNewLink'");
	$emailNew = mysql_fetch_assoc($getEmailNew);
	$getEmailSig = mysql_query("SELECT * FROM affiliSt_config WHERE name = 'emailSig'");
	$emailSig = mysql_fetch_assoc($getEmailSig);


	
	// thank you email
	$myemailaddress = $myEmail['value'];
	$emailaddress = $_POST['ld_email'];
	$subject = "Link Submission Received";
	$emailmessage = $emailThanks['value'];
	$emailfrom = $myemailaddress;
	$messagea .= "Dear ".$_POST['ld_fullName']."\n\n".$emailmessage."\n\n".$emailSig['value']."\n\n";
	$runtime = (date("d M Y H:i"));
	$messagea .= "Time of the message: $runtime (server time zone)\n\n";
	mail($emailaddress, $subject, $messagea, "From: $emailfrom");


	
	// new link email
	$myemailaddress = $myEmail['value'];
	$emailaddress = $myemailaddress;
	$subject = "New Link Submission Received";
	$emailmessage = $emailNew['value'];
	$emailfrom = $myemailaddress;
	$messageb .= "Dear Admin\n\n".$emailmessage."\n\n".$emailSig['value']."\n\n";
	$runtime = (date("d M Y H:i"));
	$messageb .= "Time of the message: $runtime (server time zone)\n\n";
	mail($emailaddress, $subject, $messageb, "From: $emailfrom");
		
	
	
	
	$box_content->assign("DATA", '<fieldset><strong style="color:green">Thank you. We will review the link as soon as possible.</strong></fieldset>');
	
	}

	$box_content->parse("addlinkresult");
	$box_content = $box_content->text("addlinkresult");
}
?>